Martin Schwidefsky of IBM discovered that the ptrace subsystem does
not properly sanitize the psw mask value. On s390 systems, an
unprivileged local user could use this flaw to set address space
control bits to kernel space combination and thus gain read/write
access to kernel memory.

Gopal Reddy Kodudula of Nokia Siemens Networks discovered that the
sctp_association_free function does not properly manage a certain
backlog value, which allows remote attackers to cause a denial of
service (socket outage) via a crafted SCTP packet.

Sasha Levin discovered a flaw in the Linux kernel's point-to-point
protocol (PPP) when used with the Layer Two Tunneling Protocol
(L2TP). An unprivileged local user could use this flaw for privilege
escalation.

For the stable distribution (wheezy), these problems have been fixed in
version 3.2.60-1+deb7u3.

For the unstable distribution (sid), these problems have been fixed in
version 3.14.13-2.